Category: Code Review

  • Blog
  • Category: Code Review
Prototype Pollution high vulnerability in ‘mixme’ NPM package

Prototype Pollution high vulnerability in ‘mixme’ NPM package

TL;DR Learn about JavaScript Prototypes Learn about Prototype Pollution Introducing the Prototype Pollution vulnerability that OP Innovate discovered on mixme. Mitigation & helpful tools and utilities. https://nvd.nist.gov/vuln/detail/CVE-2021-28860 ; https://nvd.nist.gov/vuln/detail/CVE-2021-29491 https://www.npmjs.com/advisories/1668 NPM (Node Package Manager) is a gigantic software registry that contains hundreds of thousands of open source Node.js projects in the form of packages. As

Read More
Halloween and Cyber-Security: Malware in Disguise

Halloween and Cyber-Security: Malware in Disguise

TL;DR: Intro to malware The art of disguise – learn about how malware hides itself Ready to look at some real malware? Don’t be a scaredy cat! ♫ Who you gonna call? Us, of course. Ghostly greetings one and all. On Halloween night, children the world over dress up in scary costumes and prowl from

Read More
DLL Injection Attack in Kerberos NPM package

DLL Injection Attack in Kerberos NPM package

Written by: Dan Shallom, Cyber-security expert at OP Innovate.  TL;DR There is a need for awareness of the potential risks of using open-source code Introducing the DLL preloading vulnerability we discovered on Kerberos. Mitigation & helpful tools and utilities. https://www.npmjs.com/advisories/1514 The CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-13110  For those who are not familiar with NPM (Node Package Manager), it is

Read More

Copyright @2020 OP Innovate Ltd. All Rights Reserved.

Under Cyber Attack? Click Here